How Iranian Hackers Tricked their Prey


For years, Iran has been a leader in state-sponsored hacking, attacking governments and businesses across the world. While the government has proven its advanced abilities, other groups in the area have been able to operate without detection. Until now, the world was unaware of the power these cyber-terrorists developed. This summer, security experts from TrapX, who were working for a military contractor, spent 18 days battling a team of advanced hackers trying to break into their network.

The hackers were believed to be Iranian but were using a tool-set created by a known Russian hacker that is typically circulated through Russian dark-net forums. Additionally, the web domains and email addresses used during the attack have Russian origins and continue to be used by a known Russian hacker. This type of attack is similar to one in 2015, where the hackers were able to shut down portions of Ukraine’s power grid. There were also similarities to hundreds of other attacks that the Iranians attempted and executed.

During these attacks, hackers mimic internal IP addresses to try to enter a system undetected. Most of this code was identical to the code used in 2015. Although they didn’t utilize the most advanced hacking methods, the team dedicated a lot of time to the planning and execution of their attack. Once the firm’s experts detected the hacking, the criminals would lie in wait for their next opportunity.

The team defending the network was sure they could continue to protect against the code they had studied. However, during the last attempt to enter the system, the attackers utilized a groundbreaking new tool that was designed to be encrypted and to evade typical methods of analysis. Understanding this new tool took the team of experts weeks. For the military contractor to win the battle, its team of cyber-security experts set up a bait network with fake information to lure the attackers in. Then, once the hackers were in that system, the experts could learn their behavior and set up a defense against it within the real networks.

Although the TrapX team had a successful defense method, this type of attack leads governmental and business organizations around the world to question their current defense methods. It is critical that all hardware and software are updated frequently to thwart hackers, but there is no sure-fire way to protect an infrastructure. If you are interested in building a proactive response for your business, including a backup and disaster recovery plan, contact us today to get started!

Managing Your Company’s IT Risks


With the growing number of cyber-attacks around the world as of late, many businesses are realizing that implementing a proper cyber security plan is critical to succeeding in the business world. Everything from the emails your employees receive to the links they click can cause your systems to be compromised and your clients’ private information to be stolen. Today’s blog covers the steps that you should take to protect your company and your customers.

Education

The first step in securing your infrastructure is educating your employees on the risks they face and how they can help with your company’s protection. The most obvious security measure team members can take is utilizing complex passwords. Employees should be encouraged to use long strings of unrelated words or combinations of uppercase letters, lowercase letters, numbers, and symbols and change them at least bi-annually. Additionally, employees should take precautions when clicking links in emails. Phishing scams are those in which hackers create emails that imitate trusted sources and contain malicious links. These scams can be avoided by double-checking the sender’s email address to ensure it is correct. For example, customerservice@yourbank.com can be secure while customersservice@yourbank.com might be a hacker. If suspicious emails are detected, the IT team should be notified so they can block the sender and perform additional security scans. To ensure employees are following the proper procedures, their activity should be monitored and there should be blocks on certain types of websites.
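The address check described above can also be automated on the mail side. The following is an added example, not part of the original post: it flags senders that are within a few character edits of a trusted address, using the post's own customerservice@yourbank.com pair. The trusted list, the function names and the distance threshold are assumptions made for illustration.

```python
# Added example: flag sender addresses that closely resemble, but do not
# exactly match, a trusted address. All names and values here are constructed.

# Assumption: a list of known-good senders maintained by the IT team.
TRUSTED_SENDERS = {"customerservice@yourbank.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        curr = [i]
        for j, cb in enumerate(b, start=1):
            curr.append(min(
                prev[j] + 1,               # delete a character from a
                curr[j - 1] + 1,           # insert a character into a
                prev[j - 1] + (ca != cb),  # substitute (free when equal)
            ))
        prev = curr
    return prev[-1]


def classify_sender(address: str, trusted=TRUSTED_SENDERS,
                    max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a sender address.

    Pass the actual address from the message headers, not the display
    name, which the sender can set to anything.
    """
    address = address.strip().lower()
    if address in trusted:
        return "trusted"
    # A near miss against a trusted address is the pattern to escalate.
    for known in trusted:
        if edit_distance(address, known) <= max_distance:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for sender in ("customerservice@yourbank.com",
                   "customersservice@yourbank.com",
                   "newsletter@example.org"):
        print(sender, "->", classify_sender(sender))
```

A "lookalike" result is the case to report to the IT team; "unknown" only means the address is not near any entry on the trusted list.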

Infrastructure

No matter how safe your employees are, your company will face a plethora of security risks. It is critical to implement a security infrastructure that will help prevent hackers from compromising your entire system. Network management is the process of monitoring each user’s activity and the overall infrastructure’s performance. IT teams must also ensure that the software and network are constantly updated to ensure that they are defending against the latest threats. In order to ensure this management is effective, it is important to test it by performing a penetration test. This involves internal or outsourced teams trying to exploit vulnerabilities to see if they gain the ability to negatively affect the system.

Backup

As we’ve said, there is no way to fully protect your business against these types of attacks. That is why it is important to create a disaster recovery plan. Frequently making copies of your infrastructure is important so that the stored information is as up-to-date as possible and the infrastructure can be recovered to the state it was in before the virus or hack. Storing these backups on the cloud will provide additional protection as it will prevent data loss in the event of a natural disaster or theft. These backups should also be tested frequently to ensure they are taking a full snapshot of the system and can be restored quickly. With the proper backups in place, your business will be able to restore your system in minutes once you can access an internet-connected device.

These are just a few of the steps your company should take to manage the cybersecurity threats it faces each day. A proper plan involves a full risk assessment and will constantly change to accommodate new technology and threats. Our team members would be happy to help you protect your business and create a plan to ensure its sustainability and success. Contact us to learn more!